1 Introduction
2 ------------
3
4 WebStack is a package which provides a common API for Python Web
5 applications, regardless of the underlying server or framework environment.
6 It should be possible with WebStack to design and implement an application,
7 to choose a deployment environment, and then to be able to deploy the
8 application in a different environment later on without having to go back
9 and rewrite substantial parts of the application.
10
11 Quick Start
12 -----------
13
14 Try running the demo:
15
16 python tools/demo.py
17
18 An introductory guide to creating applications can be found in the docs
19 directory - see docs/index.html for the start page.
20
21 Contact, Copyright and Licence Information
22 ------------------------------------------
23
24 The current Web page for WebStack at the time of release is:
25
26 http://www.boddie.org.uk/python/WebStack.html
27
28 Copyright and licence information can be found in the docs directory - see
29 docs/COPYING.txt, docs/LICENCE.txt and docs/LICENCE-PyServlet.txt for more
30 information.
31
32 Framework Support
33 -----------------
34
35 Currently, BaseHTTPRequestHandler (via BaseHTTPServer in the standard
36 library), CGI, Jython/Java Servlet API, mod_python, Twisted, Webware, WSGI
37 and Zope 2 are supported. Each framework has its own set of strengths and
38 weaknesses, but the idea is that deployment concerns can be considered
39 separately from the implementation of application functionality. Consult the
40 NOTES.txt files in each framework's subdirectory of the docs directory for
41 some notes on how applications may be run in each environment.
42
43 Tested Frameworks Release Information
44 ----------------- -------------------
45
46 BaseHTTPRequestHandler Python 2.2.2, Python 2.3.3, Python 2.4.1
47 CGI Apache 2.0.44, Apache 2.0.53, AOLserver 4.0.10, lighttpd 1.3.15
48 Jython/Java Servlet API Jython 2.1, Java JDK 1.3.1_02, Tomcat 4.1.27 (Servlet 2.3)
49 mod_python 3.0.3 (3.1.3 for framework cookie and session support)
50 Twisted 1.0.5, 1.3.0
51 Webware 0.8.1, CVS (2004-02-06)
52 WSGI run_with_cgi (PEP 333)
53 Zope 2.7.2-0, 2.8.0-final
54
55 New in WebStack 1.0 (Changes since WebStack 0.10)
56 -------------------------------------------------
57
58 Added Debian package support.
59 Added automatic session directory creation for the WebStack sessions
60 implementation.
61 Added support for the repeated retrieval of sessions from the same WebStack
62 session store, avoiding deadlocks.
63 Fixed the calendar example, making it perform a proper function.
64 Added the notion of processed virtual path info - the part of the original
65 path info not represented in the current virtual path info (prompted by a
66 different suggestion from Scott Robinson).
67 Changed the ResourceMap.MapResource class to provide the empty string as the
68 resource name where the virtual path info is only one component in length.
69 Added a convenience method to Transaction for the decoding of path values and
70 the production of Unicode objects - see the get_readable_path method.
71
72 New in WebStack 0.10 (Changes since WebStack 0.9)
73 -------------------------------------------------
74
75 Changes to make the tools/demo.py script work on Windows (and other) platforms
76 (suggested by Jim Madsen).
77 Fixed end of header newlines for CGI (suggested by Matt Harrison).
78 Minor documentation fixes and improvements, adding information on AOLserver in
79 the CGI and Webware notes.
80 Changed the mod_python server name method to use the server object rather than
81 the connection object.
82 Added a parameter to the ResourceMap.MapResource class to permit automatic
83 redirects into resource hierarchies when no trailing "/" was given in the URL;
84 changed the updated virtual path info so that empty values may be set (the
85 guarantee that "/" will always appear no longer applies).
86 Fixed virtual path info retrieval when the value is an empty string.
87
88 New in WebStack 0.9 (Changes since WebStack 0.8)
89 ------------------------------------------------
90
91 Standardised error handling in the adapters so that tracebacks can be
92 suppressed and an internal server error condition raised.
93 Added overriding of path info in transactions.
94 Added a ResourceMap resource for dispatching to different resources
95 according to path components.
96 Standardised deployment for some frameworks (see docs/deploying.html).
97 Introductory documentation in XHTML format.
98 Added server name and port methods to the transaction.
99 Added a simple demonstration application, incorporating many of the examples
100 and launched under a single script.
101 Fixed mod_python native sessions.
102 Fixed Zope request stream access.
103 WebStack is now licensed under the LGPL - see docs/COPYING.txt for details.
104
105 New in WebStack 0.8 (Changes since WebStack 0.7)
106 ------------------------------------------------
107
108 Added a standard exception, EndOfResponse, which can be used to immediately
109 stop the processing/production of a response; this is useful when resources
110 need to issue a redirect without unnecessary content being generated, for
111 example.
112 Fixed path information for Zope.
113 Added WSGI support.
114 Verified Twisted 1.3.0 support with Python 2.3.3.
115
116 New in WebStack 0.7 (Changes since WebStack 0.6)
117 ------------------------------------------------
118
119 Fixed path information semantics.
120 Fixed file upload semantics.
121 Fixed content type handling for Unicode output and for interpreting request
122 body fields/parameters (although some improvement remains).
123 Added a method to discover the chosen response stream encoding.
124 Fixed field/parameter retrieval so that path and body fields are distinct,
125 regardless of the framework employed.
126 Added a method to get a combination of path and body fields (suggested by
127 Jacob Smullyan).
128 Introduced Zope 2 support.
129 Improved Jython/Java Servlet API support (although a special PyServlet class
130 must now be used, and certain libraries must be deployed with applications).
131 Introduced authentication/authorisation support for Jython/Java Servlet API.
132 Session support has been added (except for Webware 0.8.1).
133 Alternative cookie support for mod_python has been added.
134 Cookie support now supports encoded Unicode sequences for names and values.
135
136 New in WebStack 0.6 (Changes since WebStack 0.5)
137 ------------------------------------------------
138
139 Introduced Jython/Java Servlet API support.
140 Minor fixes to example applications and to BaseHTTPRequestHandler.
141
142 New in WebStack 0.5 (Changes since WebStack 0.4)
143 ------------------------------------------------
144
145 Changed request body fields/parameters so that they are now represented
146 using Unicode objects rather than plain strings.
147 Introduced better support for Unicode in response streams.
148
149 New in WebStack 0.4 (Changes since WebStack 0.3)
150 ------------------------------------------------
151
152 Added application definition of user identity, permitting alternative
153 authentication mechanisms.
154 Improved BaseHTTPRequestHandler and mod_python reliability around fields
155 from request bodies.
156 Provided stream and environment parameterisation in the CGI adapter.
157 Added LoginRedirect and Login examples.
158 Added get_path_without_query and fixed get_path behaviour.
159
160 New in WebStack 0.3 (Changes since WebStack 0.2)
161 ------------------------------------------------
162
163 Added better header support for Webware (suggested by Ian Bicking).
164 Introduced CGI and Java Servlet support (the latter is currently
165 broken/unfinished).
166 Introduced support for cookies.
167
168 Future Work
169 -----------
170
171 (Essential)
172
173 JythonServlet libraries need to be configured using sys.add_package when
174 these do not feature in the compiled-in list. Adding such configuration to
175 the handler may be most appropriate (since the web.xml file can be too
176 arcane), but this needs testing.
177
178 (Important)
179
180 Things to consider for future releases: improved cookie support, redirects,
181 access to shared resources and much better documentation.
182
183 Field access needs testing, especially for anything using the
184 cgi.FieldStorage class, and the way file uploads are exposed should be
185 reviewed (currently the meta-data is not exposed). The acquisition of fields
186 from specific sources should be tested with different request methods - some
187 frameworks provide path fields in the body fields dictionary, others (eg.
188 Zope) change the fields exposed depending on request method.
189
190 Interpretation of path field encodings needs to be verified. Currently,
191 stray path fields are handled (eg. in WebStack.Helpers.Request) as being
192 ISO-8859-1, but it might be the case that some such fields might be
193 submitted as UTF-8.
194
195 Cookie objects need defining strictly, especially since the standard library
196 Cookie object behaves differently to mod_python (and possibly Webware)
197 Cookie objects. Moreover, the set_cookie_value method needs to provide
198 access to the usual cookie parameters as supported by the frameworks. The
199 standard library Cookie module has issues with Unicode cookie names (and
200 possibly values) - this is worked around, but it would be best to resolve
201 this comprehensively.
202
203 UTF-16 (and possibly other encodings) causes problems with HTML form data
204 sent in POST requests using the application/x-www-form-urlencoded content
205 type. This should be reviewed at a later date when proper standardisation
206 has taken place.
207
208 Session support, especially through WebStack.Helpers.Session, should be
209 reviewed and be made compatible with non-cookie mechanisms.
210
211 HeaderValue objects should be employed more extensively. Thus, the header
212 access methods may need to change their behaviour slightly.
213
214 Investigate the nicer functions in the cgi module, discarding the "magic"
215 stuff like FieldStorage.
216
217 WSGI support could demand that a special "end of headers" method be
218 introduced into WebStack, thus making response output more efficient (and
219 probably also for other frameworks, too).
220
221 The algorithm employed in the WebStack.Helpers.Auth.get_token function
222 should be reviewed and improved for better security.
223
224 Investigate proper support for HEAD, OPTIONS and other request methods.
225
226 Consider packages for different operating systems.
227
228 (Completed/rejected)
229
230 The location of deployed applications in the filesystem should be exposed to
231 those applications. (This is actually available in the __file__ module
232 variable.)
233
234 Path information should be consistent across all frameworks, and the "path
235 info" value should be meaningful. (This should now be correct.)
236
237 Release Procedures
238 ------------------
239
240 Update the WebStack/__init__.py __version__ attribute.
241 Change the version number and package filename/directory in the documentation.
242 Change code examples in the documentation if appropriate.
243 Update the release notes (see above).
244 Check the setup.py file and ensure that all package directories are mentioned.
245 Check the release information in the PKG-INFO file and in the package
246 changelog (and other files).
247 Tag, export.
248 Generate the PyServlet classes.
249 Generate the API documentation.
250 Remove generated .pyc files: rm `find . -name "*.pyc"`
251 Archive, upload.
252 Upload the introductory documentation.
253 Update PyPI, PythonInfo Wiki, Vaults of Parnassus entries.
254
255 Generating the API Documentation
256 --------------------------------
257
258 In order to prepare the API documentation, it is necessary to generate some
259 Web pages from the Python source code. For this, the epydoc application must
260 be available on your system. Then, inside the WebStack directory, run the
261 apidocs.sh tool script as follows:
262
263 ./tools/apidocs.sh
264
265 Some warnings may be generated by the script, but the result should be a new
266 apidocs directory within the WebStack directory.